users (POST)
Overview
Add or modify a user
- REST Method: POST
- Method Access: public
Query Parameters
| Name | Type | Description |
| authenticate | bool? | Force authentication for request (default: false) |
| authpassword | string? | Password to use for verification with external authentication service |
| authusername | string? | Username to use for verification with external authentication service |
| accountpassword | string? | Account password to set (default: do not set/change password) |
Return Codes
| Name | Value | Description |
| OK | 200 | The request completed successfully |
| Bad Request | 400 | Invalid input parameter or request body |
| Forbidden | 403 | Administrator access, apikey, or account owner is required |
| Not Found | 404 | Requested user could not be found |
| Conflict | 409 | Username conflicts with an existing username |
Message Format
Input:
<user id="{int}">
<username>{text}</username>
<email>{text}</email>
<fullname>{text}</fullname>
<status>{active|inactive}</status>
<service.authentication id="{int}" />
<permissions.user>
<role>{text}</role>
</permissions.user>
</user>
Output:
<user id="{int}" href="{uri}">
<nick>{text}</nick>
<username>{text}</username>
<email>{text}</email>
<page.home id="{int}" href="{int}">
<title>{text}</title>
<path>{text}</path>
</page.home>
<fullname>{text}</fullname>
<status>{active|inactive}</status>
<date.lastlogin>{date}</date.lastlogin>
<service.authentication id="{int}" href="{uri]" />
<permissions.user>
<operations mask="{int}">{text}</operations>
<role id="{int}" href="{uri}">{text}</role>
</permissions.user>
<permissions.effective>
<operations mask="{int}">{text}</operations>
</permissions.effective>
<groups count="{int}" href="{uri}">
<group id="{int}" href="{uri}">
<name>{text}</name>
<service.authentication id="{int}" href="{uri}" />
<users count="{int}" href="{uri}" />
<permissions.group>
<operations mask="{int}">{text}</operations>
<role id="{int}" href="{uri}">{text}</role>
</permissions.group>
</group>
...
</groups>
</user>
Implementation Notes
If no user ID is specified, a new user is created. Otherwise, the existing user is updated.
Note that is not possible to create two users having the same username. It is also not possible to modify a username to one that already exists.
C# Code Sample: Create New User
The following code example creates "newuser1". This user has the Contributor role, uses the local authentication service, and has account password "mypassword"
Sample Code
Plug p = Plug.New("http://deki-hayes/@api/deki");
p.At("users", "authenticate").WithCredentials("admin", "password").Get();
XDoc usersDoc = new XDoc("user")
.Elem("username", "newuser1")
.Elem("email", "newuser1@mindtouch.com")
.Elem("fullname", "newuser1's full name")
.Start("permissions.user")
.Elem("role", "Contributor")
.End();
p.At("users").With("accountpassword", "mypassword").Post(usersDoc);
Sample Response from executing Code
<user id="3" href="http://deki-hayes/@api/deki/users/3">
<nick>newuser1</nick>
<username>newuser1</username>
<email>newuser1@mindtouch.com</email>
<fullname>newuser1's full name</fullname>
<status>active</status>
<date.lastlogin>2007-09-06T00:56:51Z</date.lastlogin>
<service.authentication id="1" href="http://deki-hayes/@api/deki/site/services/1" />
<permissions.user>
<operations mask="1343">LOGIN,BROWSE,READ,SUBSCRIBE,UPDATE,CREATE,DELETE,CHANGEPERMISSIONS</operations>
<role id="4" href="http://deki-hayes/@api/deki/site/roles/4">Contributor</role>
</permissions.user>
<permissions.effective>
<operations mask="1343">LOGIN,BROWSE,READ,SUBSCRIBE,UPDATE,CREATE,DELETE,CHANGEPERMISSIONS</operations>
</permissions.effective>
<groups />
</user>
Curl Code Sample: Create New User
The following command line creates a new user according to the XML data in "createuser.xml".
Sample Code
curl -u admin:password -H "Content-Type: application/xml" -d @createuser.xml -i http://mindtouch.address/@api/deki/users
Implementation notes
curl flags
- -u
- Basic HTTP authentication. Sends a username and password to server so it can verify whether a user is of privilege to perform specific operation.
- -H
- Adds a header or modifies an existing one. In this case, since an XML document is being sent, the content type must be set to "application/xml". The server will not accept the request otherwise.
- -d @file
- Specifies the .xml file that contains the user data.
- -i
- Includes the HTTP response header in the output. Useful for debugging.
Permissions
ADMIN permission is required to execute above command. Otherwise, a 403 HTTP response (Forbidden) will be returned.
Example
The Riddler has invaded Mindtouch! The following will demonstrate how to create a Batman user to administer swift justice. Below is an XML document with all the necessary data to create the user.
batman.xml
Content-Type: application/xml
<user>
<username>Batman</username>
<email>alfred@batcave.com</email>
<fullname>I am the Batman</fullname>
<status>active</status>
</user>
Command Line
curl -u admin:password -H "Content-Type: application/xml" -d @batman.xml -i http://192.168.168.110/@api/deki/users
HTTP Response Headers
HTTP/1.1 200 OK Date: Wed, 06 Jan 2010 01:29:35 GMT Server: Dream-HTTPAPI/1.7.0.16080 X-Deki-Site: id="default" Content-Type: application/xml; charset=utf-8 Content-Length: 1246 Via: 1.1 dekiwiki
HTTP Response Body
Content-Type: application/xml
<?xml version="1.0"?>
<user id="3" href="http://192.168.168.110/@api/deki/users/3">
<nick>Batman</nick>
<username>Batman</username>
<email>alfred@batcave.com</email>
<hash.email>d46d8fa3b6c7af9b1794aa260b38a89e</hash.email>
<uri.gravatar>http://www.gravatar.com/avatar/d46d8fa3b6c7af9b1794aa260b38a89e</uri.gravatar>
<date.created>2010-01-04T22:55:32Z</date.created>
<page.home id="41" href="http://192.168.168.110/@api/deki/pages/41?redirects=0">
<uri.ui>http://192.168.168.110/User:Batman</uri.ui>
<title>User:Batman</title>
<path>User:Batman</path>
<namespace>user</namespace>
</page.home>
<fullname>I am the Batman</fullname>
<status>active</status>
<date.lastlogin>2010-01-04T22:55:31Z</date.lastlogin>
<language/>
<timezone/>
<service.authentication id="1" href="http://192.168.168.110/@api/deki/site/services/1"/>
<permissions.user>
<operations mask="1343">LOGIN,BROWSE,READ,SUBSCRIBE,UPDATE,CREATE,DELETE,CHANGEPERMISSIONS</operations>
<role id="4" href="http://192.168.168.110/@api/deki/site/roles/4">Contributor</role>
</permissions.user>
<permissions.effective>
<operations mask="1343">LOGIN,BROWSE,READ,SUBSCRIBE,UPDATE,CREATE,DELETE,CHANGEPERMISSIONS</operations>
</permissions.effective>
<groups/>
<properties href="http://192.168.168.110/@api/deki/users/3/properties"/>
</user>
Notes
- Attempting to create a user of the same name will result in a 409 HTTP response (Conflict).